• Title/Summary/Keyword: network threat

Artificial Intelligence based Threat Assessment Study of Uncertain Ground Targets (불확실 지상 표적의 인공지능 기반 위협도 평가 연구)

  • Jin, Seung-Hyeon
    • Journal of the Korea Academia-Industrial cooperation Society / v.22 no.6 / pp.305-313 / 2021
  • The upcoming warfare will be network-centric warfare with the acquiring and sharing of information on the battlefield through the connection of the entire weapon system. Therefore, the amount of information generated increases, but the technology of evaluating the information is insufficient. Threat assessment is a technology that supports a quick decision, but the information has many uncertainties and is difficult to apply to an advanced battlefield. This paper proposes a threat assessment based on artificial intelligence while removing the target uncertainty. The artificial intelligence system used was a fuzzy inference system and a multi-layer perceptron. The target was classified by inputting the unique characteristics of the target into the fuzzy inference system, and the classified target information was input into the multi-layer perceptron to calculate the appropriate threat value. The validity of the proposed technique was verified with the threat value calculated by inputting the uncertain target to the trained artificial neural network.

The study on a threat countermeasure of mobile cloud services (모바일 클라우드 서비스의 보안위협 대응 방안 연구)

  • Jang, Eun-Young;Kim, Hyung-Jong;Park, Choon-Sik;Kim, Joo-Young;Lee, Jae-Il
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.1 / pp.177-186 / 2011
  • Mobile services that combine PC performance with mobile characteristics are increasing with the spread of the smartphone. Recently, mobile cloud service has been getting the spotlight as a solution to the problems of mobile services: mobile devices lack memory, computing power and storage, and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats because it inherits the threats of mobile service, wireless network and cloud computing service. Therefore, the security threats of mobile cloud service have to be removed in order to deploy secure mobile cloud services, and users and managers should be able to respond appropriately in the event of a threat. In this paper, we define mobile cloud service threats through threat analysis of mobile devices, wireless networks and cloud computing, and we propose mobile cloud service countermeasures in order to respond to mobile cloud service threats, and threat scenarios in order to respond to and predict potential mobile cloud service threats.

Unauthorized Software Blocking Techniques in Software Defined Network (SDN) Environments (Software Defined Network(SDN) 환경에서 비인가 소프트웨어 차단 기법)

  • Kang, Nam-Gil;Kwon, TaeWook
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.2 / pp.393-399 / 2019
  • In a situation where unauthorized SW brought into the organization without being authorized is emerging as a threat to network security, the security of a network based on SDN (Software-Defined Network) can be strengthened through the development of a security application that considers the organization's characteristics. Security technology for the existing SDN environment, such as firewalls and Intrusion Detection Systems, has been studied to protect the internal network from external networks, but the research for resolving insider threats was insufficient. Therefore, we propose a system that protects the internal network from unauthorized SW, which is one of the insider threats in the SDN environment.

A Study on the Improvement of Security Threat Analysis and Response Technology by IoT Layer (IoT 계층별 보안위협 분석 및 대응기술 개선 방안 연구)

  • Won, Jong-Hyuk;Hong, Jung-Wan;You, Yen-Yoo
    • Journal of Convergence for Information Technology / v.8 no.6 / pp.149-157 / 2018
  • In this paper, we propose an attack detection technology using SDN Controller to study security threats in IoT environment. The research methodology has been developed by applying IoT security threat management technology to the IoT layer and analyzing the research trend of applied security technology. The study results show that the effectiveness of the detection method using the sampling method is studied by adding OpenFlow based SDN Controller to the network switch equipment of the existing IoT network. This method can detect the monitoring and attack of the whole network by interworking with IDS and IPS without affecting the performance of existing IoT devices. By applying such improved security threat countermeasure technology, we expect to be able to relieve anxiety of IoT security threat and increase service reliability.

A Study on Threat factors of Information Security in Social Network Service by Analytic Hierarchy Process (AHP를 이용한 SNS 정보보호 위협요인 분석)

  • Sung, Ki-Hoon;Kong, Hee-Kyung;Kim, Tae-Han
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.6 / pp.261-270 / 2010
  • As the usage of social network service (SNS) has increased recently, great attention has been shown to information security in SNS. However, there has been little investment in security for the SNS environment, while preferential investment to attract subscribers has been made so far. Moreover, there is still a lack of confidence in the investment effect and an absence of a framework to analyze the threat factors of information security in SNS. In this paper, we propose to model for decision-making standard of SNS information security investment by the AHP. The result shows that 'service image' is the most important criterion for the decision of SNS information security. It also shows that 'Profile-squatting and reputation slander through ID thefts' and 'Corporate espionage' are important threat factors in SNS information security.

A Conceptual Design of Knowledge-based Real-time Cyber-threat Early Warning System (지식기반 실시간 사이버위협 조기 예.경보시스템)

  • Lee, Dong-Hwi;Lee, Sang-Ho;J. Kim, Kui-Nam
    • Convergence Security Journal / v.6 no.1 / pp.1-11 / 2006
  • The exponential increase of malicious and criminal activities in cyber space is posing a serious threat which could destabilize the foundation of modern information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder on a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. As a result, there has been vigorous effort and search to develop a functional state-level cyber-threat early-warning system; however, the efforts have not yielded satisfying results or created plausible alternatives to date, due to the insufficiency of the existing system and technical difficulties. The existing cyber-threat forecasting and early-warning depend on the individual experience and ability of the security manager, whose decision is based on the limited security data collected from ESM (Enterprise Security Management) and TMS (Threat Management System). Consequently, this could result in a disastrous warning failure against a variety of unknown and unpredictable attacks. It is, therefore, the aim of this research to offer a conceptual design for a "Knowledge-based Real-Time Cyber-Threat Early-Warning System" in order to counter the increasing threat of malicious and criminal activities in cyber space, and to promote further academic research into developing a comprehensive real-time cyber-threat early-warning system to counter a variety of potential present and future cyber-attacks.

Design of Intrusion Detection and Audit Trail System using Network Events (전산망 사건을 이용한 침입 감지 및 감사 추적 시스템 설계)

  • Kim, Ki-Jung;Yun, Sang-Hun;Lee, Yong-Jun;Ryu, Keun-Ho
    • The Transactions of the Korea Information Processing Society / v.4 no.9 / pp.2342-2353 / 1997
  • With the outstanding development of the information industry, the study of firewalls is progressing as one of the methods to cope with threat and loss of data through computer networks. For a secure network, this paper proposes a method for diminishing threat and loss in the network by correlating the firewall with a network audit trail system. Also, this paper suggests not only the audit analyzer execution model but also the type of databases used in the audit analyzer to analyze the audit data. The network audit trail system has the function of identifying and analyzing all intruder actions using audit records created by users.

Trend and Prospect of Security System Technology for Network (네트워크를 위한 보안 시스템의 기술 개발 동향 및 전망)

  • Yang, Kyung-Ah;Shin, Dong-Woo;Kim, Jong-Kyu;Bae, Byung-Chul
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.18 no.5 / pp.1-8 / 2018
  • The latest cyber attacks utilizing advanced technologies are advancing more rapidly than the speed at which defense technology develops, thereby escalating the security risk. In responding to this recent threat, academia and industry are developing sophisticated security technologies applying various methods. Based on these technologies, security systems are used in many fields. This article aims to select noticeable network security related technologies for the security systems. In particular, we compared and analyzed the trend, performance, and functions of both foreign and domestic technologies in regard to UTM, which has the largest portion among network security systems so far. We will also discuss the prospect for the change in network infrastructure due to the emergence of the next-generation network technology.

Indicator-based Behavior Ontology for Detecting Insider Threats in Network Systems

  • Kauh, Janghyuk;Lim, Wongi;Kwon, Koohyung;Lee, Jong-Eon;Kim, Jung-Jae;Ryu, Minwoo;Cha, Si-Ho
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.10 / pp.5062-5079 / 2017
  • Malicious insider threats have increased recently, and the methods of the threats are diversifying every day. These insider threats are becoming a significant problem in corporations and governments today. From a technology standpoint, detecting potential insider threats is difficult at an early stage because they are unpredictable. In order to prevent insider threats at an early stage, it is necessary to collect all of the insiders' data which flow in network systems, and then analyze whether the data are a potential threat or not. However, analyzing all of the data makes us spend too much time and cost. In addition, we need a large repository in order to collect and manage these data. To resolve this problem, we develop an indicator-based behavior ontology (IB2O) that allows us to understand and interpret insiders' data packets, and then to detect potential threats at an early stage in network systems including social networks and company networks. To show the feasibility of the behavior ontology, we developed a prototype platform called Insider Threat Detecting Extractor (ITDE) for detecting potential insider threats at an early stage based on the behavior ontology. Finally, we showed how the behavior ontology would help detect potential insider threats in network systems. We expect that the behavior ontology will be able to contribute to detecting malicious insider threats at an early stage.

Web Attack Classification via WAF Log Analysis: AutoML, CNN, RNN, ALBERT (웹 방화벽 로그 분석을 통한 공격 분류: AutoML, CNN, RNN, ALBERT)

  • Youngbok Jo;Jaewoo Park;Mee Lan Han
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.4 / pp.587-596 / 2024
  • Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI (Artificial Intelligence), which is the most important technology in the Fourth Industrial Revolution, to build a Cyber Threat Detection System is becoming important. In particular, the Government's SOC (Security Operation Center) is highly interested in using AI to build a SOAR (Security Orchestration, Automation and Response) Solution to predict and build CTI (Cyber Threat Intelligence). In this thesis, we introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall (WAF) Log data. Additionally, we apply the well-known TF-IDF (Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack types.